I deal with this every engagement - the systems administrators fail to baseline their servers, let alone have a Trusted Facility Manual for each operating system. The network security people take it upon themselves to assume corporate risk on configuring services on the firewall rather than write an executive summary explaining the risk and ask for management acceptance of any risk. Yes, IT professionals fail at documentation in most cases, but every once in a while I run against a true professional that understands what it takes to keep his job and be an "A or B" player. The big problem is that most IT employees believe that their healthcare organization pays their paycheck and not the patient (customer) that uses the services being offered. It does not take a lot to build a good security program - just the need to hire someone that understands what a good program is and is a subject matter expert in this area. Check out "CERT", who has documentation and training in this area, to understand what you are trying to accomplish and all the variables - then decide how much you need to adopt/document/implement.
Walt
From: "Mimi Hart" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
Subject: RE: Blaster, others
Date: Thu, 18 Sep 2003 09:01:00 -0500
While I agree with your comments, I am sure others have some of the same issues - documentation can seem to be very low down on the totem pole for technical staff who struggle to keep up with the flood of patches, warnings, etc. that are constantly coming in. If you try and document every warning, you can spend the whole day doing it.
Mimi
>>> [EMAIL PROTECTED] 09/18/03 08:54AM >>>
Mimi,
It is just not having a good virus management program in place with appropriate anti-virus software at the server, workstation, laptops, etc. with policy, processes, and guidelines - but having a good incident management program in place to deal with these types of threats, etc. Hackers and viruses, worms, etc., enter into your environment via email, poorly configured firewall services, lack of a dual layer IDS system, poorly coded WEB application code (through the browser), or lack of anti-virus software. So just turn to your in-house security professional that has the experience, education, and certifications to address this security solution for you; that's why he/she gets the big bucks.
Walt
From: "Mimi Hart" <[EMAIL PROTECTED]>
Reply-To: "Mimi Hart" <[EMAIL PROTECTED]>
To: "WEDI SNIP Security Workgroup List" <[EMAIL PROTECTED]>
Subject: RE: Blaster, others
Date: Thu, 18 Sep 2003 07:32:34 -0500
I would be interested in others sharing the level of documentation they are going to in terms of being disrupted by Blaster, etc. Thanks
Mimi Hart
Research Analyst, HIPAA
Iowa Health System
319-739-2430 (phone)
319-739-2594 (fax)
319-490-0637 (pager)
[EMAIL PROTECTED]
--- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.
You are currently subscribed to wedi-security as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at
http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org